April 11, 2019 By Rodney Hyde

United States – Secaucus High School

Police: Secaucus High School Freshmen Hacked School’s Wi-Fi, Made Life Difficult For Teachers For Week

Exploit: Malware
Secaucus High School: New Jersey school district

Risk to Small Business: 2.333 = Severe: Two high school freshmen were arrested for disabling their school’s Wi-Fi system to avoid taking tests. The students used a private company to execute the hack, resulting in them being charged with computer criminal activity and conspiracy to commit computer criminal activity. Although the systems are back up and running, it remains to be seen how the students will be disciplined by the school district.

Individual Risk: 2.482 = Severe: None.

Customers Impacted: 2
How it Could Affect Your Customers’ Business: Hacks are being commoditized, with packaged products capable of bringing down systems and stealing information becoming readily available on the Dark Web. Smaller organizations must learn to recognize such trends and protect their members, customers, and staff by investing in security providers that host solutions enabling them to understand the inner workings of online, underground marketplaces.

Enterprise Systems and Dark Web ID™ can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with end customers to strengthen their security suite by offering industry-leading detection.

April 11, 2019 By Rodney Hyde

United States – Brookside ENT & Hearing Center

Michigan Practice Forced to Close Following Ransomware Attack

xploit: Ransomware attack
Brookside: Medical practice in Battle Creek, Michigan

Risk to Small Business: 2 = Severe: The doctor’s office of Dr. William Scalf and Dr. John Bizon will be forced to close on April 30th after falling victim to a ransomware attack and refusing to pay $6,500 to regain access. Although hackers were unable to compromise their data, all information regarding appointments, patients, and payments was completely erased.

Individual Risk: 2.428 = Severe Sensitive information of individuals was not accessed, only deleted. However, none of the unrecoverable data was salvaged and the office closure will force patients to seek treatment elsewhere, even those with imminent health concerns.

How it Could Affect Your Customers’ Business: This security incident is a perfect example of how devastating a ransomware attack can be for small businesses and their customers. Hackers are capable of wiping out infrastructure and important records, causing business owners to rebuild from the ground-up. As such, company managers must begin assessing cybersecurity threats and working with Partners such as Enterprise Systems to protect themselves from compromises going forward.

Enterprise Systems can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with you to strengthen your security suite by offering industry-leading detection.

April 11, 2019 By Rodney Hyde

Breach: United States – Burrell Behavioral Health (BBH)

Exploit: Unsecured business associate portal
BBH: Mental health service provider based in Missouri https://healthitsecurity.com/news/67000-patients-impacted-by-business-associate-breach-from-august-2018

Risk to Small Business: 2.333 = Severe: BBH has sent letters to patients notifying them of a breach that occurred in August of last year. Potential attackers would be able to infiltrate a business associate’s portal to access electronic protected health information (ePHI) and compromise sensitive records. The mental health service provider noted that there was no evidence of unauthorized access, but will be providing free identity monitoring, protection, and reporting from agencies including Equifax, Experian, and TransUnion. Along with the direct costs associated with offering such services to patients, the organization will have to pour funds into reputation management.

Individual Risk: 2.571 = Severe: The exposed records included names, addresses, contact information, DOBs, medical history information, driver’s license numbers and SSNs. Given the amount of time that has lapsed, patients are at high risk and should immediately begin monitoring their identity and credit reports.

Customers Impacted: 67,493 patients
How it Could Affect Your Customers’ Business: As breaches continue to become more commonplace, companies are being held accountable for providing free identity protection for their customers and employees. Such damage can be disabling for small businesses, especially when combined with the costs that come with managing public relations.

Monitoring the Dark Web for stolen credentials is critical for our end customers who want to provide comprehensive security to their efforts. BullPhish ID™ simulates phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime.

April 2, 2019 By Rodney Hyde

Ransomware attack pays off as Delaware Guidance Services gives in to criminals

The Delaware Guidance Services (DGS) for Children and Youth is the latest organization to pay off the cybercriminals who locked up their network with a ransomware attack.

The Dover, Del., based organization said in a letter to its patients and guardians that the attack took place on December 25, 2018. Files containing personal information, such as name, address, birth date, Social Security Number, and medical information were affected. DGS is a not-for-profit provider of comprehensive psychiatric services for children and their families in Delaware.

“To secure release of the records, DGS was required to pay a “ransom,” in exchange for a de-encryption ‘key’ that unlocked the records,” it said.

DGS did not indicate in the letter whether or not it tried to rectify the situation and recover the information without paying the ransom nor how much was paid. The organization has hired an outside security firm to investigate the matter and to determine if the data was accessed by the attackers. At this time, DGS said, it does not believe any of the records were compromised.

DGS is not alone in deciding to pay the ransom in order to regain access to their systems. Jackson County, Ga., officials paid $400,000 to its attackers last week and Columbia Surgical Specialist of Spokane, Wash., shelled out a $15,000 ransom earlier this month to recover from an attack.

March 28, 2019 By Rodney Hyde

The Week in Breach: 03/19/19 – 03/26/19

United States – MyPillow and Amerisleep
https://www.bleepingcomputer.com/news/security/payment-card-thieves-slip-into-mypillow-and-amerisleep-bedding-sites/

Exploit: Magecart attack on website checkout pages.
MyPillow and Amerisleep: Pillow and mattress companies in the US.

Risk to Small Business: 1.666 = Severe: After being targeted as early as 2017, both online retailers faced card skimming attacks. In this scheme, hackers will insert malicious code into website checkout pages and covertly swipe customer payment information. Although MyPillow discovered the first compromise almost immediately, it argued that the second attack did not result in the loss of information. On the other hand, Amerisleep has not responded to comments. Depending on what further investigations reveal, it is possible that the sleep companies will face hefty fines for their delay in responding as well as scrutiny from online shoppers.

Individual Risk: 2.428 = Severe As you can imagine, any information provided on a checkout page is up for grabs during a Magecart attack. This could include first and last names, addresses, credit card numbers, and more.

Customers Impacted: To be determined.
How it Could Affect Your Customers’ Business: Most recent Magecart attacks such as those on British Airways and Newegg were targeted towards larger firms, but now hacking groups are shifting their focus to small businesses. Skimming schemes are especially dangerous since they can be hard to trace, yet able to extract valuable customer information. Once cybercriminals can get their hands on such data, they will move to the Dark Web to make profits or conduct payment fraud.